WordPress HM Logo Showcase – Slider & Grid Plugin < 2.0.4 is vulnerable to Cross Site Scripting (XSS)

Software HM Logo Showcase – Slider & Grid Type Plugin Vulnerable versions 2.0.4 Fixed in 2.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d6a5f366444f Credits Rafie Muhammad...

WordPress Booking Addon for WooCommerce Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Booking Addon for WooCommerce Type Plugin Vulnerable versions = 4.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1704b913b21c Credits Rafie Muhammad...

WordPress Automizy Gravity Forms Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Automizy Gravity Forms Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b6399e0d3ef8 Credits Rafie Muhammad Patchstack...

WordPress WordPress Reviews by ReviewPress Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Reviews by ReviewPress Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9d16e4f8e0e1 Credits Rafie Muhammad...

WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Plugin <= 4.9.26 is vulnerable to Cross Site Scripting (XSS)

Software Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Type Plugin Vulnerable versions = 4.9.26 Fixed in 4.9.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

WordPress Flexible FAQs – Accordion FAQ Plugin for WordPress Plugin <= 0.5.11 is vulnerable to Cross Site Scripting (XSS)

Software Flexible FAQs – Accordion FAQ Plugin for WordPress Type Plugin Vulnerable versions = 0.5.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 461ddf21dbce Credit...

WordPress Migrate WordPress Website & Backups – Prime Mover Plugin < 1.8.8 is vulnerable to Cross Site Scripting (XSS)

Software Migrate WordPress Website & Backups – Prime Mover Type Plugin Vulnerable versions 1.8.8 Fixed in 1.8.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e9d42f7bfde8 Credits...

WordPress WP System Log Plugin < 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software WP System Log Type Plugin Vulnerable versions 1.2.2 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c875cf2db794 Credits Rafie Muhammad Patchstack Required...

WordPress Drop Shadow Boxes Plugin < 1.7.12 is vulnerable to Cross Site Scripting (XSS)

Software Drop Shadow Boxes Type Plugin Vulnerable versions 1.7.12 Fixed in 1.7.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8cdb65eb9ed4 Credits Rafie Muhammad Patchstack...

WordPress Advanced Visual Elements - Shortcode addons for Elementor & Gutenberg Plugin < 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Visual Elements - Shortcode addons for Elementor & Gutenberg Type Plugin Vulnerable versions 1.0.7 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Customer Order History for WooCommerce Plugin <= 2.4 is vulnerable to Cross Site Scripting (XSS)

Software Customer Order History for WooCommerce Type Plugin Vulnerable versions = 2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1e9541c2f16e Credits Rafie Muhamma...

WordPress FiboSearch – Ajax Search for WooCommerce Plugin < 1.25.0 is vulnerable to Cross Site Scripting (XSS)

Software FiboSearch – Ajax Search for WooCommerce Type Plugin Vulnerable versions 1.25.0 Fixed in 1.25.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 17e225437595 Credits Rafie...

WordPress WooCommerce Store Toolkit Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Store Toolkit Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 17a9ffda0fb3 Credits Rafie Muhammad...

WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...

WordPress Product Price History for WooCommerce Plugin < 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Product Price History for WooCommerce Type Plugin Vulnerable versions 2.1.6 Fixed in 2.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f6582974ed46 Credits Rafie Muhamm...

WordPress Forms to Sheets Plugin <= 5.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Forms to Sheets Type Plugin Vulnerable versions = 5.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b0dac35e5d40 Credits Rafie Muhammad Patchstack Required...

WordPress ConeBlog – WordPress Blog Widgets Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)

Software ConeBlog – WordPress Blog Widgets Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer WP Cone PSID 46d2d31b4e72 Credits Rafie Muhammad...

WordPress Verbalize WP Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Verbalize WP Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 21e3ff2fe6c4 Credits Rafie Muhammad Patchstack Required...

WordPress Elasta Theme < 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Elasta Type Theme Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c84debbae4a Credits Rafie Muhammad Patchstack Required privilege...

WordPress B Blocks - The ultimate block collection Plugin < 1.7.8 is vulnerable to Cross Site Scripting (XSS)

Software B Blocks - The ultimate block collection Type Plugin Vulnerable versions 1.7.8 Fixed in 1.7.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a29938020aa Credits Rafie...